04-11-2013
You may want to catalog the permissions found on the system and then you can test a user against one file per permission set: bits, id, group, dir, flat file or other inode.
As root you can impersonate any user and runs a script checking permissions. Or, you can write something that filters the permissions for a user out. Some users may have multiple groups, of course.
The system may have files that they could access except that currently they have no permissions on the path. Are they a concern?
9 More Discussions You Might Find Interesting
1. Red Hat
Hi all,
I am using RHEL 5.0
I need a user say test to have full access to two directories, say /tmp1 & /tmp2 only other than his home directory.
I do not want to change his login shell which is ksh or bash by default.
Moreover, he should not even have read access of other directories.
... (10 Replies)
Discussion started by: vikas027
10 Replies
2. Shell Programming and Scripting
EDIT : This is for perl
@data2 = grep(/$data/, @list_now);
This gives me @data2 as
Printing data2 11 testzone1 running /zones/testzone1 ***-*****-****-*****-***** native shared
But I really cant access data2 by its individual elements.
$data2 is the entire list, while $data,2,3...... (1 Reply)
Discussion started by: shriyer
1 Replies
3. Shell Programming and Scripting
Hi ,
I am very new to unix as well as shell scripting. I have to write a script for the following requirement.
In a particular mount, have to list all the directories and sub directories along with size of the directory and sub directory in ascending order.
Please help me in this regard and many... (4 Replies)
Discussion started by: nmakkena
4 Replies
4. UNIX for Dummies Questions & Answers
Hi,
Please help me, how to get all the direcotries, its sub directories and its sub directories recursively, need to exclude all the files in the process.
I wanted to disply using a unix command all the directories recursively excluding files.
I tried 'ls -FR' but that display files as... (3 Replies)
Discussion started by: pointers
3 Replies
5. AIX
Hi
I'm logged in to an AIX box now and we need to do an audit on this box.
cbssapr01:# pwd
/
Which command will show all the files and directories owned by root user with permissions as 777 ? (8 Replies)
Discussion started by: newtoaixos
8 Replies
6. Shell Programming and Scripting
Hi Experts,
I am in urgent need of your suggestions.
I have below two users in my system:
xyz:x:101:101:XYZ System Account:/export/home/xyz:/bin/bash
abc:x:2009:10:ftp user only:/export/home/abc:/bin/false
Where "xyz" is the crucial one and "abc" is only introduced for FTPing the... (2 Replies)
Discussion started by: sugarcane
2 Replies
7. Shell Programming and Scripting
Can anyone come up with a unix command that lists
all the files, directories and sub-directories in the current directory
except a folder called log.?
Thank you in advance. (7 Replies)
Discussion started by: Manjunath B
7 Replies
8. UNIX for Dummies Questions & Answers
It is for HP-Unix B.11.31.
Requirement:
1. List the directories, having given pattern in the directories name, sorted by creation date.
Example: Directories with name "pkg32*" or "pkg33*"
2. On the output of 1. list the directories by creation date as sort order, with creation date... (2 Replies)
Discussion started by: Siva SQL
2 Replies
9. Solaris
I have searched this quite a long time but couldn't find the right method for me to use. I need to assign read write permission to the user for specific directories and it's sub directories and files. I do not want to use ACL. This is for Solaris. Please help. (1 Reply)
Discussion started by: blinkingdan
1 Replies
STRMODE(3) BSD Library Functions Manual STRMODE(3)
NAME
strmode -- convert inode status information into a symbolic string
LIBRARY
Utility functions from BSD systems (libbsd, -lbsd)
SYNOPSIS
#include <bsd/string.h>
void
strmode(mode_t mode, char *bp);
DESCRIPTION
The strmode() function converts a file mode (the type and permission information associated with an inode, see stat(2)) into a symbolic
string which is stored in the location referenced by bp. This stored string is eleven characters in length plus a trailing NUL.
The first character is the inode type, and will be one of the following:
- regular file
b block special
c character special
d directory
l symbolic link
p fifo
s socket
w whiteout
? unknown inode type
The next nine characters encode three sets of permissions, in three characters each. The first three characters are the permissions for the
owner of the file, the second three for the group the file belongs to, and the third for the ``other'', or default, set of users.
Permission checking is done as specifically as possible. If read permission is denied to the owner of a file in the first set of permis-
sions, the owner of the file will not be able to read the file. This is true even if the owner is in the file's group and the group permis-
sions allow reading or the ``other'' permissions allow reading.
If the first character of the three character set is an ``r'', the file is readable for that set of users; if a dash ``-'', it is not read-
able.
If the second character of the three character set is a ``w'', the file is writable for that set of users; if a dash ``-'', it is not
writable.
The third character is the first of the following characters that apply:
S If the character is part of the owner permissions and the file is not executable or the directory is not searchable by the owner, and
the set-user-id bit is set.
S If the character is part of the group permissions and the file is not executable or the directory is not searchable by the group, and
the set-group-id bit is set.
T If the character is part of the other permissions and the file is not executable or the directory is not searchable by others, and the
``sticky'' (S_ISVTX) bit is set.
s If the character is part of the owner permissions and the file is executable or the directory searchable by the owner, and the set-
user-id bit is set.
s If the character is part of the group permissions and the file is executable or the directory searchable by the group, and the set-
group-id bit is set.
t If the character is part of the other permissions and the file is executable or the directory searchable by others, and the ``sticky''
(S_ISVTX) bit is set.
x The file is executable or the directory is searchable.
- None of the above apply.
The last character is a plus sign ``+'' if any there are any alternate or additional access control methods associated with the inode, other-
wise it will be a space.
SEE ALSO
chmod(1), find(1), stat(2), getmode(3), setmode(3)
HISTORY
The strmode() function first appeared in 4.4BSD.
BSD July 28, 1994 BSD